Re inject tcpdump capture

**b0bjes** · 11-27-2007

Does anybody know a (more or less) simple way to re inject wireshark dump into a wireless network ?

The purpose would be to test a wireless intrusion detection system on a sample capture of a usual wireless network traffic. This WIDS use Kismet wireless and I would like to inject the captured dump into kismet.

**RobinVossen** · 11-27-2007

I know how to do that.
Are you connected already?

**b0bjes** · 11-27-2007

How can I do that ?

**RobinVossen** · 11-27-2007

You didnt answer my Question.
are you connected already.
And I am not sure if I should tell you, since I dont want people to do stupid Stuff..

Cheers,
Robin

**b0bjes** · 11-27-2007

What do you mean by "connected already" ?
And you should tell me

I'm not doing stupid stuff I really need to accomplish that in order to test my Wireless IDS corerctly. Tell me what you need ...

**RobinVossen** · 11-27-2007

I guess I just have to trust you on your word. But well.
Connect already to the Wireless Access point?
After that you should take a look into hping.

**b0bjes** · 11-27-2007

I am connected to the access point (which is not connected to the internet).
I had a quick look on hping ... I was already using this kind of program (scapy which is an excellent injection program written in python). But does hping allow me to reinject directly a tcpdump capture ?

**RobinVossen** · 11-27-2007

Well I always use hping, I once wrote a Script to Eject the tcpdump file into hping tasks. It was a really simple small script.
I hope I still have it for yea.
But ofc you can always write it yourself.

I dont like scrappy. But thats for the same reason I dont like Vi or java.

Cheers,
Robin

**b0bjes** · 11-27-2007

Ok thanks a lot. If you find this script I would be very happy to be able to reuse it.
Thanks for all this useful information anyway.

**RobinVossen** · 11-27-2007

Well Ill hope I have it for you before Fryday.
Since today is my Anervesery. So when I get home I wont go to the PC.
Tomorrow Ill have to work from 8am till 8pm.

So in the meanwhile Id look further if Id were you.
But Ill look for the script for you

also you can rewrite my script its really not that hard.

Cheers,
Robin

Thread Tools

Display

Re inject tcpdump capture

Posting Permissions